Tesla Hackers Find ‘Unpatchable’ Jailbreak to Unlock Paid Features for Free::A group of security researchers claim to have found an “unpatchable” jailbreak for some Tesla vehicles, potentially unlocking in-car purchases

  • db2@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    220
    ·
    1 year ago

    in-car purchases

    That’s an absolutely disgusting combination of words.

    • HiddenLayer5@lemmy.ml
      link
      fedilink
      English
      arrow-up
      67
      ·
      1 year ago

      “It looks like you’re trying to flee a wildfire. However, you have just run out of Elon X Points and are unable to continue driving. Please wait 5 hours for your Elon X Points to replenish. Can’t wait? We’d like to offer you our once in a lifetime SpaceX Booster X bundle of 15,000 points for just $299.99!”

    • malloc@lemmy.world
      link
      fedilink
      English
      arrow-up
      38
      ·
      1 year ago

      micro-transactions in video games and media was only a test. Now it’s transitioning from the digital to physical world.

  • TIEPilot@lemmy.world
    link
    fedilink
    English
    arrow-up
    124
    ·
    edit-2
    1 year ago

    This how people are gonna find out how bad of an idea to allow the manufacturer to have that much control over your car after purchase. Tesla will shut their cars off if they find them jail breaked.

    Just like the guy that wasn’t allowed to fix the cooling hose on the battery Tesla’s only option was to replace it. A third party fixed it but he still had concerns that they would shut it off (citing safety) because he wouldn’t buy a whole new battery after he fixed it. Also barring him from quick charge stations was another concern.

    • jhulten@infosec.pub
      link
      fedilink
      English
      arrow-up
      56
      ·
      1 year ago

      Neo-feudalism at it’s best. Make them pay the manufacturing costs but also make them rent the thing they paid for

      • Scotty_Trees@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        “make them rent the things they paid for” makes my blood boil. Like paying for a Wi-Fi router each month even though after a year it’s all paid off, they’ll still just charge you for it, literally free money by the millions for them. Fuck you Comcast.

      • I Cast Fist@programming.dev
        link
        fedilink
        English
        arrow-up
        11
        ·
        1 year ago
        • jailbreak
        • disable all traffic from certain apps
        • add all tesla domains as 0.0.0.0 on /etc/hosts, just to be sure
        • ride off into the sunset
      • Buffalox@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Unless they find a legal workaround. They can probably do it, if they claim it makes the car unsafe.

          • Buffalox@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            It’s pretty easy to convince most people that ANY hacking is unsafe. It probably wouldn’t be that difficult to make a convincing argument, and as the maker of the car, they have a lot of authority.

            • JesusFistus@lemm.ee
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              They will hve to provide evidence that explicitly links hacking to safety problems that have occured in real life, never gonna happen

              • Buffalox@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                1 year ago

                Or they can just brick it, like Apple does with iPhone, when people jail break them.

                Did Apple ever lose a lawsuit on that? You put to much trust in the system.

    • riesendulli@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      31
      ·
      1 year ago

      Insurance will gladly deny you in case of accidents containing your licensed and jailbroken device. Don’t buy this shit in the first place

      • HousePanther@lemmy.goblackcat.com
        link
        fedilink
        English
        arrow-up
        22
        ·
        1 year ago

        It would be incumbent on the insurance company to prove that you willfully circumvented the system. Given an accident serious enough, the Tesla’s computer could be physically damaged to the point where no data could be retrieved.

          • noqturn@lemm.ee
            link
            fedilink
            English
            arrow-up
            12
            ·
            1 year ago

            Insurance is generally not in the business of breaking contracts. If they have a legitimate reason to not pay, they won’t, but they won’t screw you over just because they don’t feel like paying. The risk is too high

            • halferect@lemmy.world
              link
              fedilink
              English
              arrow-up
              14
              ·
              1 year ago

              Ummm… Insurance companies are all about finding ways to not pay and breaking contracts. You think average Joe can spend millions going against insurance companies lawyers? And what risk? They can hold people in court until they break them or they die broke from fighting insurance companies. Hell, my mother’s life insurance didn’t wanna pay and we had to get a lawyer just to make them pay a pretty straight Forward insurance policy.

            • SulaymanF@lemmy.world
              link
              fedilink
              English
              arrow-up
              7
              ·
              1 year ago

              Insurances don’t want to lose in court but they will investigate and find reasons to deny a payout.

      • Patius@lemmy.world
        link
        fedilink
        English
        arrow-up
        19
        ·
        edit-2
        1 year ago

        Insurance would have to prove the modification caused the accident by disabiling some safety mechanism.

        Legally, software mods and hardware mods are no different, and people have been modifying their cars well before you could hack a seat heater on.

        Modifying your car isn’t a valid reason to yank coverage in most circumstances.

        Even making your car faster isn’t enough, assuming your mods are street legal.

  • Prandom_returns@lemm.ee
    link
    fedilink
    English
    arrow-up
    25
    ·
    1 year ago

    Nooo, think about daddy Melon, our saviour and inventor of all things! How is he going to save the world without his shitty car MTX?

    I want to go to mars, rocket-travel to Central Park, I want to have full self driving next year, use a Tesla tunnel and not get stuck in traffic, and maybe travel in a can in near-full vacuum! Maybe use X as my bank, when he has enough money to pay for the rent of twitter building.

    Pls think about all the inventions! Think about all the billions he could waste jerking his ego off by purchasing another community and turning it to shit!

    My god people, don’t sudo your cars and unlock features that are already installed, but disabled. Pls.

    • Patius@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      ·
      1 year ago

      BMWs have had this, to some extent, for a while. Bimmercode can do things like change sounds and enable software disabled features, like anti dazzle lights. (This is disabled because the NHTSA refuses to adopt ways for them to be easily tested in the US, despite their being approved for decades in Europe and a congressional mandate telling them to allow them on the roads, so every automaker has to disable them.)

      No exploits needed.

  • Hazdaz@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    This issue is going to end up landing in front of the right-wing, pro-business Supreme Court, isn’t it??

    I can see it now. Tesla is going to write some software that detects this patch. They might not be able to stop it, but they can lock these cars out of the Supercharger network and potentially brick the cars. Buyers of these vehicles are going to sue Tesla. Probably go back and forth in the courts for a few years until it ultimately reaches the Supreme Court.

  • Kodama@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Softlooking features will be a thing, regardless how much we despite it. At the same time, it would terrify me knowing that vehicles around me ciuld run on homebrew software. It’s one thing if its in your home but on public roads, naaa keep that shit locked down.

    I can see a future where the law enforcement are shifting from testing intoxication to running validating software checks.

      • Kodama@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It’s all about responsibility and that man ain’t touching that except if it will gain the brands an extra exposure.

    • brygphilomena@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      A modified computer is already being checked for in CA emissions. No matter how good the car runs, if you have a non-approved or factory tune you can’t register the vehicle.

      Homebrew isnt the issue, since it’s not like the stuff coming from Tesla or any actual car maker has to go through a third party approval process. They just throw software updates out to the wild. And while they may have some internal testing, there just isn’t the regulations to verify any of that.

      I’ve found the whole concept of software assists in general to be the wild West in automotives.

      • Kodama@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It depends where you live, here the certification unit only check the actual exhaust, there is no law here that prohibit me to use any software to adjust my CA emissions as long it’s with in limits during testing it’s OK.

        Agree to point where just calling a beta feature Autopilot is just reckless.

  • Car@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Cool stuff.

    As far as I know, the full self driving codebase doesn’t get delivered to an end-user unless they’ve paid for the feature and have been “approved” through some safe driving algorithm. This means we’re unlikely to see free FSD for all unless somebody manages to capture the firmware package and upload it.

    • Corkyskog@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Can we stop call it FSD, it’s not. It’s just assisted driving, and if I have to be monitoring the entire time, it’s no more useful than cruise control.